001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.action;
016    
017    import com.liferay.portal.kernel.portlet.WindowStateFactory;
018    import com.liferay.portal.kernel.util.HttpUtil;
019    import com.liferay.portal.kernel.util.ParamUtil;
020    import com.liferay.portal.kernel.util.PropsKeys;
021    import com.liferay.portal.kernel.util.StringUtil;
022    import com.liferay.portal.kernel.util.Validator;
023    import com.liferay.portal.theme.ThemeDisplay;
024    import com.liferay.portal.util.PortalUtil;
025    import com.liferay.portal.util.PortletKeys;
026    import com.liferay.portal.util.PrefsPropsUtil;
027    import com.liferay.portal.util.PropsValues;
028    import com.liferay.portal.util.WebKeys;
029    import com.liferay.portlet.PortletURLFactoryUtil;
030    import com.liferay.portlet.login.util.LoginUtil;
031    
032    import javax.portlet.PortletMode;
033    import javax.portlet.PortletRequest;
034    import javax.portlet.PortletURL;
035    import javax.portlet.WindowState;
036    
037    import javax.servlet.http.HttpServletRequest;
038    import javax.servlet.http.HttpServletResponse;
039    import javax.servlet.http.HttpSession;
040    
041    import org.apache.struts.action.Action;
042    import org.apache.struts.action.ActionForm;
043    import org.apache.struts.action.ActionForward;
044    import org.apache.struts.action.ActionMapping;
045    
046    /**
047     * @author Brian Wing Shun Chan
048     * @author Scott Lee
049     */
050    public class LoginAction extends Action {
051    
052            @Override
053            public ActionForward execute(
054                            ActionMapping mapping, ActionForm form, HttpServletRequest request,
055                            HttpServletResponse response)
056                    throws Exception {
057    
058                    ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
059                            WebKeys.THEME_DISPLAY);
060    
061                    if (PropsValues.AUTH_LOGIN_DISABLED) {
062                            response.sendRedirect(
063                                    themeDisplay.getPathMain() +
064                                            PropsValues.AUTH_LOGIN_DISABLED_PATH);
065    
066                            return null;
067                    }
068    
069                    String login = ParamUtil.getString(request, "login");
070                    String password = request.getParameter("password");
071                    boolean rememberMe = ParamUtil.getBoolean(request, "rememberMe");
072                    String authType = ParamUtil.getString(request, "authType");
073    
074                    if (Validator.isNotNull(login) && Validator.isNotNull(password)) {
075                            LoginUtil.login(
076                                    request, response, login, password, rememberMe, authType);
077                    }
078    
079                    HttpSession session = request.getSession();
080    
081                    if ((session.getAttribute("j_username") != null) &&
082                            (session.getAttribute("j_password") != null)) {
083    
084                            if (PropsValues.PORTAL_JAAS_ENABLE) {
085                                    return mapping.findForward("/portal/touch_protected.jsp");
086                            }
087                            else {
088                                    response.sendRedirect(themeDisplay.getPathMain());
089    
090                                    return null;
091                            }
092                    }
093    
094                    String redirect = PortalUtil.getSiteLoginURL(themeDisplay);
095    
096                    if (Validator.isNull(redirect)) {
097                            redirect = PropsValues.AUTH_LOGIN_URL;
098                    }
099    
100                    if (Validator.isNull(redirect)) {
101                            PortletURL portletURL = PortletURLFactoryUtil.create(
102                                    request, PortletKeys.LOGIN, themeDisplay.getPlid(),
103                                    PortletRequest.RENDER_PHASE);
104    
105                            portletURL.setParameter("saveLastPath", Boolean.FALSE.toString());
106                            portletURL.setParameter("struts_action", "/login/login");
107                            portletURL.setPortletMode(PortletMode.VIEW);
108                            portletURL.setWindowState(getWindowState(request));
109    
110                            redirect = portletURL.toString();
111                    }
112    
113                    if (PropsValues.COMPANY_SECURITY_AUTH_REQUIRES_HTTPS) {
114                            String portalURL = PortalUtil.getPortalURL(request);
115                            String portalURLSecure = PortalUtil.getPortalURL(request, true);
116    
117                            if (!portalURL.equals(portalURLSecure)) {
118                                    redirect = StringUtil.replaceFirst(
119                                            redirect, portalURL, portalURLSecure);
120                            }
121                    }
122    
123                    String loginRedirect = ParamUtil.getString(request, "redirect");
124    
125                    if (Validator.isNotNull(loginRedirect)) {
126                            if (PrefsPropsUtil.getBoolean(
127                                            themeDisplay.getCompanyId(), PropsKeys.CAS_AUTH_ENABLED,
128                                            PropsValues.CAS_AUTH_ENABLED)) {
129    
130                                    redirect = loginRedirect;
131                            }
132                            else {
133                                    String loginPortletNamespace = PortalUtil.getPortletNamespace(
134                                            PropsValues.AUTH_LOGIN_PORTLET_NAME);
135    
136                                    String loginRedirectParameter =
137                                            loginPortletNamespace + "redirect";
138    
139                                    redirect = HttpUtil.setParameter(
140                                            redirect, "p_p_id", PropsValues.AUTH_LOGIN_PORTLET_NAME);
141                                    redirect = HttpUtil.setParameter(
142                                            redirect, "p_p_lifecycle", "0");
143                                    redirect = HttpUtil.setParameter(
144                                            redirect, loginRedirectParameter, loginRedirect);
145                            }
146                    }
147    
148                    response.sendRedirect(redirect);
149    
150                    return null;
151            }
152    
153            protected WindowState getWindowState(HttpServletRequest request) {
154                    WindowState windowState = WindowState.MAXIMIZED;
155    
156                    String windowStateString = ParamUtil.getString(request, "windowState");
157    
158                    if (Validator.isNotNull(windowStateString)) {
159                            windowState = WindowStateFactory.getWindowState(windowStateString);
160                    }
161    
162                    return windowState;
163            }
164    
165    }